def auth(request, path):
    from django.http import HttpResponse, HttpResponseRedirect, HttpResponseForbidden
    from django.utils.html import escape
    if request.user.is_anonymous():
        # If not logged in, redirect to login page
        return HttpResponseRedirect(reverse("login") + "?next=/" + escape(path))
    elif request.user.has_perm("some.perm"):
        # If allowed, then return empty "200 OK" response, and
        # set REQUEST_USER.
        result = HttpResponse()
        result['Variable-REMOTE_USER'] = request.user.username
        return result
    else:
        # Otherwise, a user who isn't allowed.
        result = HttpResponseForbidden()
        result.write("Access denied")
        return result